Medium Severity

Security Bulletin: IBM Security Guardium is affected by a Missing HTTP Strict-Transport-Security Header vulnerability (CVE-2021-39072)

May 11, 2022

Categorized: Medium Severity

Share this post:

IBM Security Guardium has fixed this vulnerability.

CVE(s): CVE-2021-39072

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Security Guardium 11.3
IBM Security Guardium 11.4

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6573005
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/215581


Previous Post

Security Bulletin: IBM Security Guardium is affected by FasterXML jackson-databind vulnerabilities (CVE-2020-25649, X-Force ID 217968)

Next Post

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities
More stories

Security Bulletin: Multiple Vulnerabilities in Intel Firmware affect Cloud Pak System

August 13, 2022 | Medium Severity

Vulnerabilities in Intel firmware affect Cloud Pak System. Cloud Pak system nodes using Intel driver firmware recommended update. ...read more

Security Bulletin: A Unspecified Java Vulnerability is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data (CVE-2021-35550)

August 12, 2022 | Medium Severity

An unspecified vulnerability in Java is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. This vulnerability have been addressed. ...read more

Security Bulletin: CP4D Match 360 is affected by Identity Spoofing vulnerability in IBM WebSphere Application Server Liberty

August 12, 2022 | Medium Severity

IBM WebSphere Application Server Liberty is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. IBM Match 360 v4.5.0 and prior, is also vulnerable given that it uses WebSphere Application Server Liberty. ...read more